On 10/03/2011 21:39, Stan Hoeppner wrote: > Giovanni Mancuso put forth on 3/10/2011 11:19 AM: >> On 10/03/2011 15:04, Stan Hoeppner wrote: >>> Giovanni Mancuso put forth on 3/10/2011 7:22 AM: >>>> Hi, >>>> I would configure my postfix to control if client ip is in blacklist >>>> only if the mail have a particolar header. >>>> I tried to create a header_checks table and with a FILTER i redirect all >>>> mails that have a particular header to localhost on port 2500 >>>> but in this way the client ip is localhost >>>> >>>> Anyone have any ideas? >>> You don't want to forward the entire mail to a policy daemon or TCP >>> server via FILTER. You simply want to reject it if you don't like the >>> header contents and the IP is in a dnsbl. >>> >>> The closest thing I know of to this is Sahil Tandon's perl based TCP >>> server. It checks the domains in the from, message-id, and reply-to >>> headers against a configurable list of domain block lists. The default >>> list is: >> I saw the script, but in this way the check is done with header from, >> message-id or reply-to that can be a fake. >> >> I would that the check is done on* *client_address. > I must have misunderstood. It sounds above as if you want to check the > header for something, and only after some kind of match query a DNSBL > with the client IP. Is this not what you want? What exactly do you > want? It's not clear. > Hi, I try to explain with an example. I have my postfix configured as MX record of my domain with particular smtpd_recipents_restriction, ecc... If my postfix receives a mail that has X-MyCustomHeader, Postfix accept the mail and delivers it to backend. If my Postfix receives a mail that hasn't X-MyCustomHeader, Postfix checks if client ip is in a blacklist and reject the email if the ip is in blacklist or accept the mail if it isn't in blacklist.
I hope to have explained it clearly. Sorry for my bad English Bye